Introduction

I always come across situations like I will be outside home and I may need some files or reference materials from my system. So I can ask any body at home to switch on the system through a call. Now the FTP server starts and I will be able to access my files and folders from anywhere. This FTP server is designed using C# .NET which enables full control over the application from remote locations.

Unique Feature

Their are lots of FTP server applications that are available free of cost. But those applications do not provide the facility to control the server remotely and some provide this facility by installing the required software in the remote machine which may not be possible all the times. But this provides a simple, user friendly web interface, where you can connect from a remote machine through a browser. This enables control over the application from remote machines. You can add new Users by setting their root paths remotely. This enables to allow others to use your system with restrictions for certain actions and specific path.

Concept/Code Behind AdvancedFTPServer

As soon windows starts up, a service named AdvFtpSvr starts and it executes FTP Server.exe from the installed path. Once the application is started, the process ends by itself as there is no work to do with the process. Here you may ask why use a Windows Service as the application can be started directly? The reason is the Windows service starts as soon as Windows is started and any process started by a Windows service has full access over the system which enables access to all the files and folders. There is an another way which we can use instead of Windows service which is Windows Scheduled task, but the disadvantage with this is that the scheduled task might had been disabled in some systems and is not the fully automated way of doing things.

Let us first see some of the basic and interesting methods. Most of us know that for FTP server programming, we need to listen on some ports (21) using a listener class. Generally when a listener is started, the firewall installed in the system blocks the application from receiving any incoming connections. So, for the application to work properly, the firewall must be configured to add an exception to the application. Adding exception to the firewall had been automated with the custom action in the installer.

The above method takes a byte array as input parameter and then processes each byte and then finally returns the encrypted byte array back. This method uses a very silly way of encrypting data but it is more than enough to protect a file from manual access.

Their are lot such petty interesting methods implemented in the application.

Let us now get deep into the implementation. As soon as the application starts first of all, the "Settings.dat" will be decrypted and loaded into memory. Then according to the settings, the FTP and HTTP listener will be started. Once the listener is started, it's now ready to serve the client's request.

First we shall discuss a little bit about FTP implementation.

There are three classes for the FTP server which are:

FTPServer in FTPServer.cs - This is the class which holds the listener.

FTPClient in FTPClient.cs - This is the class which holds all the methods required to service the FTP client.

FTPUser in FTPUser.cs - This is the class which holds the permission settings of all the users.

Now let us discuss about the methods in FTPServer class.

Start - This is the method which starts the listener to listen to the specified port for clients and fires the NewFTPClientArrived method whenever a new client arrives.

Stop - Stops the listener class from listening to the clients

NewFTPClientArrived - This is fired automatically whenever the new client is arrived. This creates a new object of the FTPClient class and stores the object in a local array list.

That's all with the FTPServer class. Let us now start with the methods in FTPClient class.

As soon as the object for the FTPClient class is created in the FTPServer class, it listens for the commands from the clients. There is a huge list of predefined commands for the FTP implementation. View the reference section at the bottom of this article for the links which describe each method and its implementation. Once the client sends the user name and password, the CommandReceived method checks for the username and password in the list and creates an object for the FTPUser class which holds all the rights information of the specific user. That's all to deal with the FTP implementation classes.

Let us now have a small discussion with the ApplicationLog class.

ApplicationLog class is a simple class holding a single static method named Write. This is used to write the application error events into the XML file for bug fixing purposes and for tracking some application changes. This write method is called throughout the project from inside a catch block passing the exception caught over there.

Finally let us have a short discussion on the HTTP implementation classes and then move on with a guide to use the application. The HTTP implementation class is the same as that of the FTP implementation class whereas all the commands used are not pre-defined and were defined by me. Unlink FTP classes instead of dealing with files and folders. This just deals with HTML codes, which is sent as response to each of the commands. All the pages for response are stored in the resource section of the application and are requested whenever needed.

This method sends the client a response header and once the response header is sent, the following bytes must contain the response body (i.e., HTML code). Response body can be sent using the same SendData method which takes a byte array as a parameter.

Now we are done with all the major classes and methods, and let us move on.

Using the Setup

First download and install the Setup from the link provided above, then restart your system. You will find a new icon in your system tray. Right click on the Tray Icon to display the context menu options as shown below. I have added the screen shots of the application. The code is self explanatory and I don't find much time to explain the features or code in detail. The default User Name and Password for the web authentication is "admin" and "admin" and the default port for the HTTP server is 9090. To connect to the web interface from the local system, just click on the Open HTTP menu from the context menu shown below.

Context Menu

User Account Screen

Add/Edit User Screen

Web Interface

For more help, just click on the help menu in the above screen after authenticating with the User Name and Password (default is "admin" and "admin").

Other Supportive Tools

When you use this from remote locations, you require an External IP Address. In case your External IP is generated dynamically, then you need an automated system to intimate your IP instantly. I use IPMon for this purpose.

Note

After the installation of the setup, the system needs to be restarted for the application to work properly.

The setup link provided above also installs a service as the server must be started as soon as Windows starts.

The installer automatically adds an exception for the application in Windows Firewall. If you had installed any other firewall, you need to manually add an exception or add to allowed/trusted list of the firewall for the application to work properly.

All the settings are stored in DAT file with the simple encryption, restricting people from manually viewing the information.

This article is excellent to implement FTP server. I could use it for my current project. However, in this article, it points to a link for IPMon that monitors the dynamic IP address. I followed it and found it was deleted. I notice that you are the author of IPMon too. Any chance I can get a look of IPMon?

This project is easy to get up and running but you've been warned. This kind of code where user input is handled should have plenty of tests but they are nowhere to be found.

Ideal implementation on Windows would probably need some sort of restricted privilege process with access allowed only to the folders specified in the ftp server configuration. If it's set up right, Windows would be doing the enforcing of what can be accessed.

"any process started by a Windows service has full access over the system which enables access to all the files and folders"

Though given this quote from the article, it doesn't really sound like the purpose here is to prevent access all over the place.

Hello, my name is Juan, i'm from argentina (i'm so sory for my bad english).My problem is: when i try to access to the file or directory list from any version of the mozilla firefox explorer the explorer don't show the list's, or presents an empty list. but, when i do this from Internet explorer (any version) the preoccess to list files and directories are succeded without any problem

Can you tell me why?how to i can to fix the problem?

another question: what is the language used to program the http interface? where can i download tutorials to know that language?

I must say the great source code that is exactly what I am looking for a long long time and of course, it really help me a lot. Thumbs up for you.

A question not mentioned in your codes: There are no results show on the directory window if we use a graphic ftp client such as smartFTP and cuteFTP to request for directories and files on your ftp server.

I do not know whether you have any wonderful idea for that? I do need your great help to perfect the everything I have learned from you. At last, please pardon me for my poor English. May Father be with you.

I hope you are using SSL over your "web" Admin Interface, as you are leaving yourself and your users wide open to hack attacks on your admin interface. I am not in favour of web admin interfaces that can remote controll all application functions unless they are adequately protected, but of course if you adequately protect it you are unable to use it!

It is not so simple to hack it and use the functionality of web interface. Until a valid user name and password is found the application wont accept any other changes or render the content of any other link other than the log in page. In case if you found any way to hack it and use the application functionality, then let me know about it, so that I can solve them. If I found time to provide a better feature then I will surely do so. Any way Thank you for your interest in posting the message.

The ftp side may have issues as well, such as handling of the paths in virtualizing the ftp root. Best to use a dedicated account with permissions only where needed and maybe even put the ftp root on a drive root, and limit access with firewall.